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DETAILED ACTION 

1 . Claims 1-13,16,1 7, 20-22, 24-31 , and 33-42 are pending and have been 
examined. 

2. In view of the arguments presented in the Appeal Brief filed on 1 2-08-2009, 
PROSECUTION IS HEREBY REOPENED. New grounds of rejection are set forth 
below. 

To avoid abandonment of the application, appellant must exercise one of the 
following two options: 

(1 ) file a reply under 37 CFR 1.111 (if this Office action is non-final) or a reply 
under 37 CFR 1 .1 1 3 (if this Office action is final); or, 

(2) initiate a new appeal by filing a notice of appeal under 37 CFR 41 .31 followed 
by an appeal brief under 37 CFR 41 .37. The previously paid notice of appeal fee and 
appeal brief fee can be applied to the new appeal. If, however, the appeal fees set forth 
in 37 CFR 41 .20 have been increased since they were previously paid, then appellant 
must pay the difference between the increased fees and the amount previously paid. 

A Supervisory Patent Examiner (SPE) has approved of reopening prosecution by 
signing below: 

/Emmanuel L. Moise/ 

Supervisory Patent Examiner, Art Unit 2437 
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Claim Rejections - 35 USC § 102 

3. The following is a quotation of the appropriate paragraphs of 35 U.S.C. 1 02 that 
form the basis for the rejections under this section made in this Office action: 
A person shall be entitled to a patent unless - 

(e) the invention was described in (1) an application for patent, publislied under 
section 122(b), by anotlier filed in tiie United States before tiie invention by tiie 
applicant for patent or (2) a patent granted on an application for patent by 
anotlier filed in the United States before the invention by the applicant for patent, 
except that an international application filed under the treaty defined in section 
351(a) shall have the effects for purposes of this subsection of an application 
filed in the United States only if the international application designated the 
United States and was published under Article 21(2) of such treaty in the English 
language. 



4. Claims 1 , 2, 4-6, 8, 1 0-1 2, 39 and 41 are rejected under 35 U.S.C. 1 02(e) as 
being anticipated by Bonn et al., US 6,738,908. Bonn teaches: 



As for claim 1 , a method for automatically provisioning a plurality of computing 
devices in accordance with established policies (abstract, col. 2 lines 16-24), the 
method comprising the steps of: creating a plurality of templates reflecting said policies 
(col. 4 lines 6-51), expanding at least one template at a central location to create a 
document comprising expanded information (col. 4 lines 6-51, col. 6 lines 30-53), and 
sending from the central location the expanded document comprising the expanded 
information to said plurality of computing devices (col. 6 lines 30-53), 
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As for claim 2, Bonn teaclies interpreting tlie expanded information by agents 
wliicli are respectively resident on each of said plurality of computing devices (col.9 line 
33-35: NSD's implement the new security policies). 

As for claims 4 and 1 0, Bonn teaches the limitations of claims 3 and 9 from which 
claims 4 and 10 depend respectively, and further wherein the plurality of templates 
includes a first category of templates that reflect policies applicable to all of the plurality 
of computing devices (col. 8 lines 1-34). 

As for claims 5 and 1 1 , Bonn teaches the limitations of claims 4 and 1 0 from 
which claims 5 and 1 1 depend respectively, and further wherein the plurality of 
templates includes a second category of templates that reflect policies applicable to 
only a subset of the plurality of computing devices (col. 8 lines 42-54). 

As for claims 6 and 12, Bonn teaches the limitations of claims 4 and 10 from 
which claims 6 and 12 depend respectively, and further wherein the plurality of 
templates includes another category of templates that reflect policies only applicable to 
a particular type of the plurality of computing devices (col. 8 lines 42-54). 

As for claim 8, a system for automatically provisioning a plurality of computing 
devices in accordance with established policies, the system comprising: a database 
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system which stores a plurality of templates which reflect said polices (col. 6 lines 20- 
25), a plurality of agents which are respectively resident on each of said plurality of 
computing devices (col. 9 line 33-35: NSD's implement the new security policies), and 
which communicate with said database system to obtain information with regard to 
provisioning and maintenance of the respective computing devices (col. 9 line 33-35: 
NSD's implement the new security policies), and a communications gateway through 
which communication messages are exchanged between said agents and said 
database system (col. 5 lines 55-60: Policy manager), wherein said communications 
gateway is configured to: retrieve the individual ones of the plurality of templates (col. 8 
lines 38-54), expand the plurality of retrieved templates to create respective documents 
containing combined template information and expanded information (col. 8 lines 38- 
54), and provided the documents containing the combined template information and 
expanded information to said plurality of agents (col. 8 lines 38-54), 

As for claims 39 and 41 , Bonn teaches the limitations of claims 1 and 8 from 
which claims 39 and 41 depend respectively, and further wherein at least one template 
includes a reference to information external to the template (col. 4 line 64 through col. 5 
line 6), and wherein said communication gateway expands the template by creating a 
document that includes information contained in the template and said external 
information (col. 8 lines 38-54). 
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Claim Rejections - 35 USC § 103 

5. The following is a quotation of 35 U.S.C. 1 03(a) which forms the basis for all 
obviousness rejections set forth in this Office action: 

(a) A patent may not be obtained though the invention is not identically disclosed or deschbed as set 
forth in section 102 of this title, if the differences between the subject matter sought to be patented and 
the phor art are such that the subject matter as a whole would have been obvious at the time the 
invention was made to a person having ordinary skill in the art to which said subject matter pertains. 
Patentability shall not be negatived by the manner in which the invention was made. 

6. Claims 3, 7, 9, 1 3, 1 6, 1 7, 20-22, 24-31 , and 33-36 are rejected under 35 U.S.C. 
103(a) as being unpatentable over Bonn et al., and Rothermel US 6,678,827. 

As for claims 3 and 9, Bonn teaches the limitations of claims 1 and 8 from which 
claims 3 and 9 depend respectively, but not further wherein the structure of said plurality 
of templates includes conditional statements that determine whether a template is to be 
expanded with predetermined information on the basis of the computing device to which 
the expanded information is being provided. However Rothermel does teach this feature 
(col. 10 lines 25-35, fig. 3B, fig. 8). Therefore it would have been obvious to one of 
ordinary skill in the art at the time the invention was made to incorporate these steps 
into the method of Bonn. It would have been desirable to do so since such a template 
field would allow an administrator to configure a network security policy template more 
quickly. 
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As for claims 7 and 13, Bonn teaclies tlie limitations of claims 1 and 8 from which 
claims 7 and 13 depend respectively, but not further wherein said policies are security 
polices regarding user access to each of the plurality of computing devices. However 
Rothermel does teach these steps (col. 1 1 lines 1-45). Therefore, it would have been 
obvious to one of ordinary skill in the art at the time the invention was made to 
incorporate these steps into the method of Bonn. It would have been desirable to do so 
since this would increase the range of security rules available to an administrator for 
configuration and hence increase the utility of the method of Bonn. 

As for claims 16 and 20, Bonn teaches the limitations of claim 39 and 41 from 
which claims 16 and 20 depend respectively, but not further wherein said external 
information comprises a list of users. However Rothermel does teach this feature (col. 
1 1 lines 18-30). Therefore, it would have been obvious to one of ordinary skill in the art 
at the time the invention was made to incorporate these steps into the method of Bonn. 
It would have been desirable to do so since this would increase the range of security 
rules available to an administrator for configuration and hence increase the utility of the 
method of Bonn. 

As for claims 17 and 21, The combination of Bonn and Rothermel teaches the 
limitations of claims 9 and 3 respectively. Bonn fails to teach the additional feature 
wherein said communications gateway expands a template to include information 
contained in a conditional statement only if the computing device to which said 
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expanded information is to be provided meets tlie condition. However, Rotliermel does 
teacli tliis feature (col. 1 1 lines 35-40). Therefore, it would have been obvious to one of 
ordinary skill in the art at the time the invention was made to incorporate these steps 
into the method of Bonn. It would have been desirable to do so since this would allow 
an administrator to expand a template automatically in cases where statements apply to 
a particular network device and hence increase the efficiency of the system. 

As for claim 22, Bonn teaches a method of controlling user access to networked 
computing devices (abstract, col. 1 lines 63-67), comprising the steps of: storing a 
plurality of templates that identify user-access policies for respective ones of said 
devices (col. 4 lines 38-51 ), at least one of said templates including a reference to 
information that is external to the template (col. 4 line 64 through col. 5 line 6); retrieving 
a template that pertains to a given one of said devices (col. 9 line 10-20), and sending 
said document from said central location to the given one of said devices after 
expansion (col. 9 lines 30-33). Bonn fails to explicitly tech the steps of expanding the 
template by creating a document at a central location comprising a listing of users 
identified in said template and users identified by any externally referenced information. 
However, Rothermel does teach these features (col. 1 1 lines 18-30). Therefore, it would 
have been obvious to one of ordinary skill in the art at the time the invention was made 
to incorporate these steps into the method of Bonn. It would have been desirable to do 
so since this would increase the range of security rules available to an administrator for 
configuration and hence increase the utility of the method of Bonn. 
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As for claim 24, tlie combination of Bonn and Rotliermel teacli all of the 
limitations of claim 22 upon which claim 24 depends. Bonn fails to teach the additional 
feature wherein said external information comprises a list of users. However Rothermel 
does teach this feature (col. 1 1 lines 18-30). Therefore, it would have been obvious to 
one of ordinary skill in the art at the time the invention was made to incorporate these 
steps into the method of Bonn. It would have been desirable to do so since this would 
increase the range of security rules available to an administrator for configuration and 
hence increase the utility of the method of Bonn. 

As for claim 25, The combination of Bonn and Rothermel teaches all of the 
features of claim 24 upon which claim 25 depends. Bonn fails to teach the additional 
features wherein all of the users on said list perform a specified role relative to said 
computing devices. However Rothermel does teach this feature (col. 1 1 lines 20-45). 
Therefore, it would have been obvious to one of ordinary skill in the art at the time the 
invention was made to incorporate these steps into the method of Bonn. It would have 
been desirable to do so since this would increase the range of security rules available to 
an administrator for configuration and hence increase the utility of the method of Bonn. 

As for claim 26, the combination of Bonn and Rothermel teaches the limitations 
of claim 25 from which claim 26 depends. Bonn fails to teach the additional features 
wherein at least one of the templates includes a conditional statement, and the step of 
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creating a document comprises including information from said conditional statement in 
said document only if said given device meets the condition. However, Rothermel does 
teach these features (col. 10 lines 25-35, fig. 3B, fig. 8). Therefore it would have been 
obvious to one of ordinary skill in the art at the time the invention was made to 
incorporate these steps into the method of Bonn. It would have been desirable to do so 
since such a template field would allow an administrator to configure a network security 
policy template more quickly. 

As for claims 27 and 33, Bonn teaches the methods of claim 22 and 31 from 
which claims 27 and 33 are dependent respectively, and further wherein the plurality of 
templates includes a first category of templates that reflect policies applicable to all of 
the plurality of computing devices (col. 8 lines 1-34) and further wherein the plurality of 
templates includes a second category of templates that reflect policies applicable to 
only a subset of the plurality of computing devices (col. 8 lines 42-54). 

As for claims 28 and 34, Bonn teaches the method of claims 27 and 33 from 
which claims 28 and 34 are dependent respectively, and further wherein a template in 
the second category inherits policies contained in a template of said first category (col. 8 
lines 42-54). 
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As for claims 29 and 35, Bonn teaclies tlie metliod of claims 28 and 34 from 
which claims 29 and 35 are dependent respectively, and further wherein said 
inheritance can be selectively disabled (col. 9 lines 1-20). 

As for claims 30 and 36, Bonn teaches the method of claims 28 and 34 from 
which claims 30 and 36 are dependent respectively, and further including a third 
category of templates that pertain to specific devices and inherit policies from templates 
in said second category (col. 9 lines 34-39). 

As for claim 31 , Bonn teaches a method for controlling user access to networked 
computing devices (abstract, col. 1 lines 63-67), comprising the steps of: storing a 
plurality of templates that identify user-access policies for respective ones of said 
devices (col. 4 lines 38-51 ), retrieving a template that pertains to a given one of said 
devices (col. 8 lines 38-67), creating a document at a central location and sending said 
document from said central location to the given one of said devices (col. 9 lines 30-35). 
Rothermel teaches the additional limitations that Bonn fails to teach, namely: wherein at 
least one of said templates includes a conditional statement (col. 10 lines 25-35, fig. 3B, 
fig. 8), wherein the document comprises a listing of users identified in said template (col. 
11 lines 18-45) and users identified in any conditional statement if said given device 
meets the condition (col. 1 1 lines 18-45). Therefore, it would have been obvious to one 
of ordinary skill in the art at the time the invention was made to incorporate these steps 
into the method of Bonn. It would have been desirable to do so since this would 
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increase tlie range of security rules available to an administrator for configuration and 
hence increase the utility of the method of Bonn. 



7. Claims 37, 38, 40, and 42 are rejected under 35 U.S.C. 1 03(a) as being 
unpatentable over Bonn and Rothermel, and further in view of Teng et al., US 
7,380,008. 

The combination of Bonn and Rothermel fails to teach the feature wherein the 
document is an XML document. However, Teng does teach such an XML document 
where an XML template is expanded at a central location by a server and where the 
document includes references to information external to the template (fig. 39, col. 47 
line 28 through col. 49 line 34). Therefore it would have been obvious to one of 
ordinary skill in the art at the time the invention was made to incorporate this feature 
into the system of Bonn and Rothermel. It would have been obvious to do so since this 
would allow for the use of XML documents compatible with common platforms such as 
JAVA and allow greater portability of the system. 

Conclusion 

8. Any inquiry concerning this communication or earlier communications from the 
examiner should be directed to Paul E. Callahan whose telephone number is (571) 272- 
3869. The examiner can normally be reached on M-F from 9 to 5. 
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If attempts to reach the examiner by telephone are unsuccessful, the Examiner's 
supervisor, Emmanuel Moise, can be reached on (571) 272-3865. The fax phone 
number for the organization where this application or proceeding is assigned is: (571) 
273-8300. 

Information regarding the status of an application may be obtained from the 
Patent Application Information Retrieval (PAIR) system. Status information for 
published applications may be obtained from either Private PAIR or Public PAIR. 
Status information for unpublished applications is available through Private PAIR only. 
For more information about the PAIR system, see http://pair-direct.uspto.gov. Should 
you have questions on access to the Private PAIR system, contact the Electronic 
Business Center (EBC) at 866-217-9197 (toll-free). 

/PEC/ 
AU2437 



/Emmanuel L. Moise/ 

Supervisory Patent Examiner, Art Unit 2437 



